MDVSA-2010:120

Problem description

A vulnerability was reported in the SquirrelMail Mail Fetch plugin:
when the plugin is enabled by the administrator, a user can specify,
without restriction, any port number for their external POP account
settings. The intention is to let users reach POP3 servers on
non-standard ports, but it also lets a malicious user effectively
port-scan any host through the SquirrelMail service. Note in
particular that when the SquirrelMail server sits on a network behind
a firewall, this lets the user explore the network topology (DNS scan)
and the services available (port scan) on the inside of that firewall.
Because the vulnerability is only exploitable after authentication,
and better, more specific port-scanning tools are freely available,
we consider it to be of very low severity. It has been fixed by
restricting the allowable POP port numbers (with an administrator
configuration override available) (CVE-2010-1637).
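The following is an added illustration of the validation change the
advisory describes, written here in Python; it is not SquirrelMail's
own code, and the function names, the default allow-list of 110/995 and
the `admin_allowed` override parameter are assumptions made for the
example. The unrestricted parser shows the pre-fix behaviour (any
1-65535 port is accepted, so the fetch backend becomes a TCP
reachability oracle for whatever host the user names); the restricted
parser only accepts POP ports unless the administrator explicitly
widens the list.

```python
"""Illustrative POP port validation, before and after the fix.

This is example code, not SquirrelMail's plugin code. The names below
and the default allow-list are assumptions for the illustration.
"""
from typing import Iterable, Optional

# Assumed default allow-list: POP3 (110) and POP3 over TLS (995).
DEFAULT_POP_PORTS = frozenset({110, 995})


def _to_port(value: str) -> int:
    """Parse a user-supplied port string into an integer in 1..65535."""
    try:
        port = int(value.strip())
    except (AttributeError, ValueError):
        raise ValueError(f"port is not an integer: {value!r}") from None
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    return port


def parse_port_unrestricted(value: str) -> int:
    """Pre-fix behaviour: any valid TCP port is accepted.

    Combined with a user-chosen hostname, the mail fetcher's connect
    attempt tells the user whether <host>:<port> is reachable from the
    webmail server, which is the port-scan oracle the advisory describes.
    """
    return _to_port(value)


def parse_port_restricted(value: str,
                          admin_allowed: Optional[Iterable[int]] = None) -> int:
    """Post-fix behaviour: only allow-listed POP ports are accepted.

    admin_allowed models the administrator configuration override: when
    set, it replaces the default allow-list. Note that an allow-list of
    ports does not restrict the hostname; it only narrows which ports the
    fetcher can be pointed at.
    """
    allowed = (frozenset(admin_allowed) if admin_allowed is not None
               else DEFAULT_POP_PORTS)
    port = _to_port(value)
    if port not in allowed:
        raise ValueError(
            f"port {port} is not an allowed POP port; allowed: {sorted(allowed)}")
    return port


def port_allowed(value: str,
                 admin_allowed: Optional[Iterable[int]] = None) -> bool:
    """Boolean form of parse_port_restricted, convenient for form checks."""
    try:
        parse_port_restricted(value, admin_allowed)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    # Constructed inputs: what a user might submit in the account form.
    for candidate in ("110", "995", "22", "8080", "abc"):
        print(f"{candidate:>5}: unrestricted="
              f"{'ok' if candidate.isdigit() else 'reject'} "
              f"restricted={'ok' if port_allowed(candidate) else 'reject'} "
              f"with-override={'ok' if port_allowed(candidate, [110, 995, 8080]) else 'reject'}")
```

The override models the administrator-controlled setting the advisory
mentions: a site that really does run POP on an unusual port adds it to
the allow-list once, rather than every user being able to name any port.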